Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
File: e75e46c0-2d4d-42fd-a050-85f835672397.roa (raw, json)
Hash identifier: HiMVo6AhyH5qgFf+QNqGcwjIvPbZE8OWH2d08nM9tP8=
Subject key identifier: EE:A9:92:B5:02:D1:22:7E:B5:E4:1C:A8:86:1E:FC:36:BC:12:59:C8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 573C4D1B0C1482EE8EA2A8F51478A0BA298033E3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
Signing time: Wed 30 Apr 2025 00:20:40 +0000
ROA not before: Wed 30 Apr 2025 00:20:40 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:3c:4d:1b:0c:14:82:ee:8e:a2:a8:f5:14:78:a0:ba:29:80:33:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:40 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=632f8acf108970c79eca406ffeb765b6d444d76bec125b2b80c86f4f00551e4a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:25:53:13:97:b0:bd:02:b5:55:f6:68:78:0c:
44:b0:0d:47:6c:81:50:2a:fa:ec:b3:65:3a:6d:7b:
9f:6b:39:a2:96:5e:b9:1a:97:b5:b8:59:20:a1:ca:
00:a9:ea:03:d9:13:59:19:88:07:78:5c:cd:47:40:
25:e0:28:ef:3f:c3:4d:7b:6b:39:fd:60:e1:b6:14:
bf:28:6e:15:17:bb:c3:e6:54:83:05:e2:06:13:6a:
98:8e:d4:c8:0a:5f:55:4d:38:6b:69:89:9f:42:ec:
e5:0d:d2:55:e9:64:ce:49:48:62:4c:2e:95:59:6a:
df:3f:44:34:0f:15:be:ff:21:79:1e:54:08:b9:c1:
e9:f0:78:40:13:b1:ae:b2:28:e0:a9:75:e9:ce:f1:
74:33:7a:54:8c:0e:21:f9:39:43:63:3d:d5:ae:0a:
f7:fe:98:fb:ed:a4:66:9b:69:de:5e:67:2e:c3:84:
ae:ec:b3:b2:dd:52:1c:1b:5e:3e:97:f0:7b:cb:68:
50:a4:11:4d:55:77:27:bd:76:7c:05:61:36:b6:04:
48:e6:fe:98:56:bc:89:26:fb:36:1a:b3:b0:53:ac:
af:80:f5:cf:e2:c5:7b:12:61:2f:56:41:80:86:59:
e4:b8:bb:c1:21:db:97:f0:3a:4b:ab:cb:dc:fb:dd:
b8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A9:92:B5:02:D1:22:7E:B5:E4:1C:A8:86:1E:FC:36:BC:12:59:C8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:9000::/36
Signature Algorithm: sha256WithRSAEncryption
68:e3:26:cd:a3:b1:53:65:c0:1b:ae:71:2b:71:ed:c1:cb:6a:
ec:b6:25:0e:71:6e:b2:de:2c:74:2c:10:c3:e6:b9:46:0c:8d:
fb:63:50:a1:eb:77:a8:c4:67:a5:41:ab:a6:40:7f:03:d9:6c:
52:68:e4:59:22:ac:ba:4c:81:51:fe:97:79:88:bc:fe:4a:b4:
c6:ac:00:51:d1:56:50:c3:3c:ab:ed:2c:90:b3:8b:1a:bd:8d:
18:52:cb:02:c2:b0:9d:84:87:7a:34:44:1c:0a:d5:8b:c2:b1:
b3:24:08:12:da:41:92:27:2d:58:f4:c0:0e:75:a7:87:b1:24:
f7:7d:46:59:71:42:8f:59:d4:7c:d4:64:1b:1d:31:c7:dd:83:
db:a9:cb:17:21:90:5b:be:43:9b:c4:8b:34:57:19:7a:ab:7f:
f9:93:c8:87:08:83:63:f0:45:5f:6e:4e:1d:66:b7:a2:2c:e2:
d9:5f:9b:f0:1b:18:20:9d:eb:42:b2:cd:4a:c5:7d:e5:c1:9e:
d4:7a:77:bb:a6:b6:3a:d0:eb:dd:ff:0e:ec:0f:e8:d2:75:9e:
26:07:b2:ac:f2:fd:4d:4f:ae:1b:81:e2:76:2d:bb:18:19:81:
2b:1a:68:4a:42:ad:44:06:ce:fe:88:e7:7d:24:46:08:25:9c:
5f:cb:87:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVzxNGwwUgu6Ooqj1FHiguimAM+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwNDBaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzMmY4YWNmMTA4OTcwYzc5ZWNhNDA2ZmZlYjc2NWI2ZDQ0NGQ3NmJlYzEy
NWIyYjgwYzg2ZjRmMDA1NTFlNGExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJslUxOXsL0CtVX2aHgMRLANR2yBUCr67LNlOm17n2s5opZeuRqXtbhZIKHK
AKnqA9kTWRmIB3hczUdAJeAo7z/DTXtrOf1g4bYUvyhuFRe7w+ZUgwXiBhNqmI7U
yApfVU04a2mJn0Ls5Q3SVelkzklIYkwulVlq3z9ENA8Vvv8heR5UCLnB6fB4QBOx
rrIo4Kl16c7xdDN6VIwOIfk5Q2M91a4K9/6Y++2kZptp3l5nLsOEruyzst1SHBte
Ppfwe8toUKQRTVV3J712fAVhNrYESOb+mFa8iSb7NhqzsFOsr4D1z+LFexJhL1ZB
gIZZ5Li7wSHbl/A6S6vL3PvduJ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTuqZK1
AtEifrXkHKiGHvw2vBJZyDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTc1ZTQ2YzAtMmQ0ZC00MmZkLWEwNTAtODVmODM1NjcyMzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBo4ybNo7FTZcAbrnErce3By2rstiUOcW6y3ix0
LBDD5rlGDI37Y1Ch63eoxGelQaumQH8D2WxSaORZIqy6TIFR/pd5iLz+SrTGrABR
0VZQwzyr7SyQs4savY0YUssCwrCdhId6NEQcCtWLwrGzJAgS2kGSJy1Y9MAOdaeH
sST3fUZZcUKPWdR81GQbHTHH3YPbqcsXIZBbvkObxIs0Vxl6q3/5k8iHCINj8EVf
bk4dZreiLOLZX5vwGxggnetCss1KxX3lwZ7Uene7prY60Ovd/w7sD+jSdZ4mB7Ks
8v1NT64bgeJ2LbsYGYErGmhKQq1EBs7+iOd9JEYIJZxfy4du
-----END CERTIFICATE-----
Generated at Mon May 5 10:50:15 2025 by rpki-client